How will new privacy laws affect Aussie telcos?

March 17, 2014

Australia's privacy laws are set to receive one of the biggest overhauls in 25 years to account for major technological developments.

The new laws that came into effect on Wednesday March 12 create Australian privacy principles. The aim of this is to encourage businesses and other government agencies to take more care when they are responsible for personal information internally as well as when this data is sent overseas.

It also includes those companies based overseas that store, use and collect personal information from Australian citizens.

From here on in, Australians must be notified when their data is being collected. The privacy commissioner has greater powers to investigate any breaches and can seek civil penalties if any serious failures are discovered.

How will this effect Aussie telcos?

Any companies that operate in the Australian market will be subject to the changes.

The new privacy principles set out other requirements for businesses storing data in the cloud and for communications service providers. For example, businesses must now state to clients whether the collected data is stored or processed inside or outside of the country and all suppliers involved in the process must be briefed about the need to comply with these new policies.

This may mean that suppliers need to update their procedures where audits and parameters are concerned in order to ensure all rules are being followed.

If a subsidiary company is found in breach of these rules, the Australian telco could be held liable under the law.

What effects will this have on consumers?

In the event of a breach of privacy, consumers will now have a higher rate of redress and there are more protections on offer for users.

The new law decreases the risk that personal information will be collected, stored and controlled by these companies so it may help to prevent this data being used in ways not in accordance with a user's wishes.

It could also prevent inappropriate or unauthorised access to information held in the cloud that could be a result of weak access control or other security vulnerabilities.

The new changes mean users are at a lower risk of being profiled or tracked by any unwanted sources or in other ways they're not aware of.

It decreases the risk your private information will be passed onto third parties without consent and of "function creep", where the information you give to websites is used for a different purpose than for what it was given.